Merge branch 'eduardosan-stable' into hotfix-1.2.5

commit: 5e687f5e06525d005e63b8b28b09589e7ce48c3d [log] [tgz]
author: Bertrand Gouny <bertrand.gouny@osixia.net> Sun Jul 07 22:30:03 2019 +0200
committer: Bertrand Gouny <bertrand.gouny@osixia.net> Sun Jul 07 22:30:03 2019 +0200
tree: cedcb6f535468b9acfcb39d416d5de6c4e4deacf
parent: bde6813013cc6f0bd58ef56e8d1f295f0863384c [diff]
parent: fa68c99945e27f2e30b7a65adc81a3831a350cc1 [diff]
diff --git a/image/service/slapd/startup.sh b/image/service/slapd/startup.sh
index 8257844..9fde470 100755
--- a/image/service/slapd/startup.sh
+++ b/image/service/slapd/startup.sh

@@ -43,9 +43,11 @@
 [ -d /etc/ldap/slapd.d ] || mkdir -p /etc/ldap/slapd.d
 
 # fix file permissions
-chown -R openldap:openldap /var/lib/ldap
-chown -R openldap:openldap /etc/ldap
-chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
+if [ -z "$DISABLE_CHOWN" ]; then
+  chown -R openldap:openldap /var/lib/ldap
+  chown -R openldap:openldap /etc/ldap
+  chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
+fi
 
 FIRST_START_DONE="${CONTAINER_STATE_DIR}/slapd-first-start-done"
 WAS_STARTED_WITH_TLS="/etc/ldap/slapd.d/docker-openldap-was-started-with-tls"
@@ -156,7 +158,9 @@
       mv /tmp/schema/cn=config/cn=schema/* /etc/ldap/slapd.d/cn=config/cn=schema
       rm -r /tmp/schema
 
-      chown -R openldap:openldap /etc/ldap/slapd.d/cn=config/cn=schema
+      if [ -z "$DISABLE_CHOWN" ]; then
+        chown -R openldap:openldap /etc/ldap/slapd.d/cn=config/cn=schema
+      fi
     fi
 
     rm ${CONTAINER_SERVICE_DIR}/slapd/assets/config/bootstrap/schema/rfc2307bis.*
@@ -233,8 +237,10 @@
       ssl-helper $LDAP_SSL_HELPER_PREFIX $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH
       [ -f ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048
 
-      chmod 600 ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH}
-      chown openldap:openldap $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH $PREVIOUS_LDAP_TLS_DH_PARAM_PATH
+      if [ -z "$DISABLE_CHOWN" ]; then
+        chmod 600 ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH}
+        chown openldap:openldap $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH $PREVIOUS_LDAP_TLS_DH_PARAM_PATH
+      fi
     fi
 
     # start OpenLDAP
@@ -337,10 +343,12 @@
 
       # create DHParamFile if not found
       [ -f ${LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048
-      chmod 600 ${LDAP_TLS_DH_PARAM_PATH}
-
+      
       # fix file permissions
-      chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
+      if [ -z "$DISABLE_CHOWN" ]; then
+        chmod 600 ${LDAP_TLS_DH_PARAM_PATH}
+        chown -R openldap:openldap ${CONTAINER_SERVICE_DIR}/slapd
+      fi
 
       # adapt tls ldif
       sed -i "s|{{ LDAP_TLS_CA_CRT_PATH }}|${LDAP_TLS_CA_CRT_PATH}|g" ${CONTAINER_SERVICE_DIR}/slapd/assets/config/tls/tls-enable.ldif

diff --git a/test/test_helper.bash b/test/test_helper.bash
old mode 100644
new mode 100755
commit	5e687f5e06525d005e63b8b28b09589e7ce48c3d	[log] [tgz]
author	Bertrand Gouny <bertrand.gouny@osixia.net>	Sun Jul 07 22:30:03 2019 +0200
committer	Bertrand Gouny <bertrand.gouny@osixia.net>	Sun Jul 07 22:30:03 2019 +0200
tree	cedcb6f535468b9acfcb39d416d5de6c4e4deacf
parent	bde6813013cc6f0bd58ef56e8d1f295f0863384c [diff]
parent	fa68c99945e27f2e30b7a65adc81a3831a350cc1 [diff]